Wednesday, October 26, 2011

This story caught my eye, particularly in light of my focus on government surveillance and data privacy on this blog. At first glance, the fact that Google is publicly detailing the the US government's increasing requests for access to its users data is a victory for transparency.

As for the motive, Google is a member of the Due Process Coalition, which supports the reform of a 25-year-old government privacy law that lets law enforcement
get access to users’ online communications without having to get a judge’s
approval. This of course, seems like a righteous effort. And to Google's credit, the coalitions other members - which include Amazon, AOL, AT&T,
Dropbox, Facebook and Microsoft - provide no such data regarding how often the
government requests data or how often they comply.

Of course, there's a whole lot more to this story. First, let's be clear about Google's long, sordid history when it comes to privacy protection. And, let's remember that Google has made a fortune from spying on
what consumers do online, including what web sites they visit; creates dossiers
on users’ online behavior without their prior permission; then harvests this
private information to sell hundreds of millions of dollars in advertising.

In other words, I view ANYTHING Google says or apparently does when it comes to privacy with a huge grain of salt. Still, in this case, I want to know what the government is up to, particularly in light of these new figures, and how the Patriot Act fits in. As I said at the beginning of the post, there's more to this story, and these new figures, than meets the eye.

The number of U.S. government requests for data
on Google users for use in criminal investigations rose 29 percent in the last
six months, according to data released by the search giant Monday. U.S.
government agencies sent Google 5,950 criminal investigation requests for data on
Google users and services from Jan. 1 to June 30, 2011, an average of 31 a day.
That’s compared to 4,601 requests from July 1 to Dec. 31, 2010, the company
reported Tuesday in an update
to its unique transparency tool. Google says it complied in whole or part with 93% of such
requests, which can include court orders, grand jury subpoenas and other legal
instruments.

It's not what these numbers say that's the problem, its what they don't. Here's the REAL story:

According to Google, the numbers do not include National
Security Letters, a sort-of self-issued subpoena used by the FBI in drug and
terrorism cases. At their post–Patriot Act peak, the FBI issued more than
50,000 such letters a year, nearly all with gag orders attached to them. The
use of such letters dipped for a time after the Justice Department’s internal
watchdog unveiled widespread abuses and sloppy procedures, but are on the rise
again. Also not included are national security wiretap and data
requests, known as FISA warrants, that are approved by a secret court in D.C.
to combat spies and threats to national security.

These are HUGE hole's in this whole "transparency" facade! Remember, National Security Letters (NSLs) – which allow the FBI, without a court
order, to obtain telecommunication, financial and credit records deemed
“relevant” to a government investigation - were PROVEN to have been flagrantly abused by the FBI perhaps tens of thousands of times.

As Adam Sewer of the American Prospect noted: “It's no secret that the FBI's
use of NSLs - a surveillance tool that allows the FBI to gather reams of
information on Americans from third-party entities (like your bank) without a
warrant or without suspecting you of a crime - have resulted in widespread
abuses. All that the FBI needs to demand your private information from a
third-party entity is an assertion that such information is
"relevant" to a national security investigation -- and the NSLs come
with an accompanying gag order that's
almost impossible to challenge in court."

And what of FISA requests??? We know the Patriot Act allowed the government access to Internet sites we've visited as well as to listen in on the phone calls we make. It wasn’t long ago that the idea of our government wiretapping American
citizens without warrants for purposes other than national security would have
been revolting. Now its official Government policy – and the telecom companies
that participated in these crimes have been given retroactive immunity while
continuing to make billions off overcharging the same customers they betrayed.

My question is just how many times is Google being asked for our information by our government that falls into these categories?

Let's also remember, there's a clear pattern we should all be aware of when it comes to government access to our data: Facebook reportedly receives up to 100 demands from the government each week
for information about its users. AOL reportedly receives 1,000 demands a month.
In 2006, a U.S. Attorney demanded book purchase records of 24,000 Amazon.com
customers. Sprint recently disclosed that law enforcement made 8 million
requests in 2008 alone for its customer’s cell phone GPS data for purposes of locational
tracking.

And if that's not enough, it was Google’s CEO, Eric Schmidt that said "If you have something that
you don't want anyone to know, maybe
you shouldn't be doing it in the
first place."

As you let that sink in, he also said: "… the reality is that search
engines including Google do retain this information for some time, and it's important, for example that we are all subject in
the United States
to the Patriot Act. It is possible that that information could be made
available to the authorities."

In other words, the data that we need to be made public is precisely the data not being provided - particularly in light of the growing Occupy Wall Street protests spreading around the country and world. Believe me, the FBI wants access to this information. There may be some good news to report here though, as the agency appears to be increasingly going through the courts to obtain it (though knowing how bad our courts are on privacy its not exactly the time to pop champagne).

The FBI is increasingly going to court to get personal
e-mail and Internet usage information as service providers balk at disclosing
customer data without a judge’s orders. Investigators once
routinely used administrative subpoenas, called national security letters,
seeking information about who sent and received e-mail and what Web sites
individuals visited. The letters can be issued by FBI field offices on their
own authority, and they obligate the recipients to keep the requests secret.

But more recently, many service providers receiving national
security letters have limited the information they give to customers’ names,
addresses, length of service and phone billing records.

...

Investigators seeking more expansive information over the
past two years have turned to court orders called business record requests. In
the first three months of this year, more than 80 percent of all business
record requests were for Internet records that would previously have been
obtained through national security letters, the FBI said. The FBI made more
than four times as many business records requests in 2010 than in 2009: 96
compared with 21, according to Justice Department reports.

In response to concerns expressed by administration
officials, Judiciary Committee Chairman Patrick J. Leahy (D-Vt.) has introduced
a measure that would establish that the FBI can use national security letters
to obtain “dialing, routing, addressing and signaling information.” It would
not include the content of an e-mail or other communications, the
administration has said.

The administration, which last year contemplated legislation
to expand the authority of national security letters, has not taken a formal
position on the Leahy measure, officials said. But the FBI has told Congress
that the number of business record orders will continue to grow unless a legal
change gives the agency more routine access to customer data.

Civil liberties groups said Leahy’s measure, included in a
bill to modernize the Electronic Communications Privacy Act, would expand the
government’s authority to obtain substantial data about the private
communications of individuals without court oversight.

“Our view is data like e-mail ‘to-from’ information is so
sensitive that it ought to be available only with a court order,” said Greg
Nojeim, senior counsel at the Center for Democracy and Technology. Privacy advocates said they support requiring the FBI to use
court orders to seek the data. “This is an example of how the system should
work,” said American Civil Liberties Union legislative counsel Michelle
Richardson.

Business record requests are also known as Section 215
orders, after a provision in the Patriot Act, the law passed after the Sept.
11, 2001, terrorist attacks. The provision allows the government to obtain “any
tangible thing” if officials can show reasonable grounds that it would be
relevant to an authorized terrorism or espionage investigation. The ACLU and the Electronic Frontier Foundation on Wednesday
plan to separately sue the government to force disclosure of its interpretation
of Section 215. The groups are following the lead of Sen. Ron Wyden (D-Ore.),
who has accused the administration of inappropriately withholding information
about the law’s use.

In other words, there's a whole lot we still don't know...and a whole lot of reasons, based on past Patriot Act abuses, lax oversight, and the recent increase in efforts by the government to access our data, be it through Google requests we know about, those we don't, as well as FBI's attempts through the court system.

If these new figures released by Google can serve the purpose the company purports it seeks -

to encourage the passage of new laws that will give
the company more leverage to deny government access to people's online communications and activities - then more power to them. In the meantime, I'll remain skeptical and concerned.

Tuesday, October 25, 2011

I want to follow up on my post last Thursday raising concerns about the way the Patriot Act will be used by law enforcement and the government against Occupy Wall Street protesters. This assertion is based on a long history of Patriot Act abuses - particularly pertaining to the prior targeting of anti-war, environmental, and anti-globalization protests.

As I pointed out, according to a report by the ACLU, there have been 111 incidents of illegal domestic political surveillance since 9/11 in 33 states and the District of Columbia. The report makes it clear that law enforcement and federal officials work closely to monitor the political activity of individuals deemed suspicious, an activity common during the Cold War – including protests, religious activities and other rights protected by the first amendment. The report also noted how the FBI monitors peaceful protest groups and in some cases attempted to prevent protest activities.

Before I get to the article, another concern protesters should have was illustrated by a bill in California (SB 914 - Vetoed by the Governor): police can seize and search your smart phones...and perhaps even download that information (or at least the FBI has such technology).

The legislation was a response to a recent California Supreme Court decision (People v. Diaz) allowing police to rummage through all of the private information on your smart phone as part of an arrest, including your text messages and e-mails. SB 914 would have clarified that an arrestee’s smart phone can only be accessed with a warrant, except in circumstances where there is an immediate threat to public safety or the arresting officer. The bill acknowledged that accessing information on a mobile phone – particularly smart phones that contain all kinds of personal, private information - is fundamentally different than searching an arrested person’s wallet, cigarettes or pockets.

So, while the revelations I want to share with you today are unrelated to the Patriot Act per se, they perfectly illustrate the point I was driving at...which were the inherent threats to privacy and civil liberties Americans, particularly protesters, now face.

Would you believe, as the article details, that $150 million of taxpayer money is funding a government facility in lower Manhattan where Wall Street firm representatives have joined the New York Police Department to spy on law-abiding citizens simply taking advantage of their First Amendment rights?

Martens writes:

According to newly unearthed documents, the planning for this high tech facility on lower Broadway dates back six years. In correspondence from 2005 that rests quietly in the Securities and Exchange Commission’s archives, NYPD Commissioner Raymond Kelly promised Edward Forst, a Goldman Sachs’ Executive Vice President at the time, that the NYPD “is committed to the development and implementation of a comprehensive security plan for Lower Manhattan . . . One component of the plan will be a centralized coordination center that will provide space for full-time, on site representation from Goldman Sachs and other stakeholders.”

At the time, Goldman Sachs was in the process of extracting concessions from New York City just short of the Mayor’s first born in exchange for constructing its new headquarters building at 200 West Street, adjacent to the World Financial Center and in the general area of where the new World Trade Center complex would be built. According to the 2005 documents, Goldman’s deal included $1.65 billion in Liberty Bonds, up to $160 million in sales tax abatements for construction materials and tenant furnishings, and the deal-breaker requirement that a security plan that gave it a seat at the NYPD’s Coordination Center would be in place by no later than December 31, 2009.

The surveillance plan became known as the Lower Manhattan Security Initiative and the facility was eventually dubbed the Lower Manhattan Security Coordination Center. It operates round-the-clock. Under the imprimatur of the largest police department in the United States, 2,000 private spy cameras owned by Wall Street firms, together with approximately 1,000 more owned by the NYPD, are relaying live video feeds of people on the streets in lower Manhattan to the center. Once at the center, they can be integrated for analysis. At least 700 cameras scour the midtown area and also relay their live feeds into the downtown center where low-wage NYPD, MTA and Port Authority crime stoppers sit alongside high-wage personnel from Wall Street firms that are currently under at least 51 Federal and state corruption probes for mortgage securitization fraud and other matters.

In addition to video analytics which can, for example, track a person based on the color of their hat or jacket, insiders say the NYPD either has or is working on face recognition software which could track individuals based on facial features. The center is also equipped with live feeds from license plate readers.

According to one person who has toured the center, there are three rows of computer workstations, with approximately two-thirds operated by non-NYPD personnel. The Chief-Leader, the weekly civil service newspaper, identified some of the outside entities that share the space: Goldman Sachs, Citigroup, the Federal Reserve, the New York Stock Exchange. Others say most of the major Wall Street firms have an on-site representative. Two calls and an email to Paul Browne, NYPD Deputy Commissioner of Public Information, seeking the names of the other Wall Street firms at the center were not returned. An email seeking the same information to City Council Member, Peter Vallone, who chairs the Public Safety Committee, was not returned.

...

The project has been funded by New York City taxpayers as well as all U.S. taxpayers through grants from the Federal Department of Homeland Security. On March 26, 2009, the New York Civil Liberties Union (NYCLU) wrote a letter to Commissioner Kelly, noting that even though the system involves “massive expenditures of public money, there have been no public hearings about any aspect of the system…we reject the Department’s assertion of ‘plenary power’ over all matters touching on public safety . . . the Department is of course subject to the laws and Constitution of the United States and of the State of New York as well as to regulation by the New York City Council.”...

The NYCLU also noted in its letter that it rejected the privacy guidelines for the surveillance operation that the NYPD had posted on its web site for public comment, since there had been no public hearings to formulate these guidelines. It noted further that “the guidelines do not limit police surveillance and databases to suspicious activity . . . there is no independent oversight or monitoring of compliance with the guidelines.”

If that isn't enough, apparently the individual who did write the privacy guidelines for this operation (you can read this in the article) has family ties to both Wall Street firms AND the company that will profit off this very surveillance system.

So for those keeping score, the VERY same criminal enterprises on Wall Street that - through their recklessness and thievery - crashed the global economy and caused untold suffering to literally tens of millions of people, only to get bailed out by the SAME people they scammed...and are now making record profits 3 years later while record numbers are unemployed, living in poverty, and going hungry, are now using OUR MONEY to spy on us!

If that's not enough to make your blood boil, and run out to the nearest Occupy Wall Street (or whichever city you live in ) protests I don't know what will. This story really has it all, from taxpayer fraud to intrusive surveillance to the possible use of facial recognition technology to the creepy collusion of corporate and government authorities to subvert American's constitutional right to privacy and on down the line.

As Pam Martens aptly concludes, "Wall Street is infamous for perverting everything it touches: from the Nasdaq stock market, to stock research issued to the public, to auction rate securities, mortgages sold to Fannie Mae and Freddie Mac, credit default swaps with AIG, and mortgage securitizations. Had a public hearing been held on this massive surveillance sweep of Manhattan by potential felons, hopefully someone might have pondered what was to prevent Wall Street from tracking its employee whistleblowers heading off to the FBI offices or meeting with a reporter. One puzzle has at least been solved. Wall Street’s criminals have not been indicted or sent to jail because they have effectively become the police."

In many ways this story EPITOMIZES exactly why the Occupy movement is both just and righteous...and growing.

Thursday, October 20, 2011

In light of the growing worldwide Occupy Wall Street protests we would do well to revisit how the Patriot Act has been abused by government, not to catch terrorists, but to stifle dissent and consolidate power. Understanding how its been used in the past should make us all very wary about how its probably being used as we speak, and will be used in the future, to target protesters utilizing their First Amendment right to speak out against a deeply corrupted and unjust economic system.

What’s amazing is this movement didn’t start sooner…if only it had back after the 2008 crash perhaps we could have gotten REAL financial reform. The bottom line is the masses are starting to understand that the economic and political game is rigged….and the only winners are corporations, Wall Street, and the very top of the income ladder. Meanwhile, the middle class is nearly gone and the lower class and poverty is exploding.

Now, just a month after it began we saw large crowds marching in London, Frankfurt, and Rome, in addition to approximately 900 protests in American cities and as many as 2,000 have taken place worldwide.

As you read these DOCUMENTED abuses, keep the Occupy Wall Street protests in mind.

Consider what we know:

• As Adam Sewer of the American Prospect notes: “It's no secret that the FBI's use of NSLs - a surveillance tool that allows the FBI to gather reams of information on Americans from third-party entities (like your bank) without a warrant or without suspecting you of a crime - have resulted in widespread abuses. All that the FBI needs to demand your private information from a third-party entity is an assertion that such information is "relevant" to a national security investigation -- and the NSLs come with an accompanying gag order that's almost impossible to challenge in court.”
• NSLs were used by the Bush administration after the Sept. 11, 2001 attacks to demand that libraries turn over the names of books that people had checked out. In fact, there were at least 545 libraries that received such demands in the year following passage of the Patriot Act alone.
• The Electronic Frontier Foundation (EFF) uncovered "indications that the FBI may have committed upwards of 40,000 possible intelligence violations in the 9 years since 9/11." It said it could find no records of whether anyone was disciplined for the infractions.
• Under the Bush Administration, the FBI used the Patriot Act to target liberal groups, particularly anti-war, environment, and anti-globalization, during the years between 2001 and 2006 in particular.
• According to a recent report by the ACLU, there have been 111 incidents of illegal domestic political surveillance since 9/11 in 33 states and the District of Columbia. The report shows that law enforcement and federal officials work closely to monitor the political activity of individuals deemed suspicious, an activity common during the Cold War – including protests, religious activities and other rights protected by the first amendment. The report also noted how the FBI monitors peaceful protest groups and in some cases attempted to prevent protest activities.
• According to a July 2009 report from the Administrative Office of the U.S. Courts, only three of the 763 "sneak-and-peek" requests in fiscal year 2008 involved terrorism cases. Sixty-five percent were drug related.

In other words, the "precedent" set by the Patriot Act appears to
be serving to accelerate the rapid disintegration of civil liberties in this
country. But let's go back to what I wrote on the "secret provision": Of equal concern is what we still don't know about how the
government might be using the Act, highlighted by recent statements made by US
Senators regarding what they termed "secret Patriot Act provisions". Senator
Ron Wyden ( D-OR ), an outspoken critic of the recent reauthorization, stated,
"When the American people find out how their government has secretly interpreted
the Patriot Act they will be stunned and they will be angry." As a member of the
Senate Intelligence Committee Wyden is in a position to know, as he receives
classified briefings from the executive branch.

In recent years, three
other current and former members of the US Senate - Mark Udall ( D-CO ), Dick
Durbin ( D-IL ), and Russ Feingold ( D-WI ) - have provided similar warnings.
We can't be sure what these senators are referring to, but the evidence
suggests, and some assert, that the current administration is using Section 215
of the Patriot Act - a provision that gives the government access to "business
records" - as the legal basis for the large-scale collection of cell phone
location records.

The fact that in 2009 Sprint disclosed that law
enforcement made 8 million requests in 2008 alone for its customer's cell phone
GPS data for purposes of locational tracking should only add to these legitimate
privacy concerns.

Two United States senators...accused the Justice Department of making misleading statements about the legal justification of secret domestic surveillance activities that the government is apparently carrying out under the Patriot Act.

The lawmakers — Ron Wyden of Oregon and Mark Udall of Colorado, both of whom are Democrats on the Senate Intelligence Committee — sent a letter to Attorney General Eric H. Holder Jr. calling for him to “correct the public record” and to ensure that future department statements about the authority the government believes is conveyed by the surveillance law would not be misleading.

...

Mr. Wyden and Mr. Udall have for months been raising concerns that the government has secretly interpreted a part of the Patriot Act in a way that they portray as twisted, allowing the Federal Bureau of Investigation to conduct some kind of unspecified domestic surveillance that they say does not dovetail with a plain reading of the statute.

The dispute has focused on Section 215 of the Patriot Act. It allows a secret national security court to issue an order allowing the F.B.I. to obtain “any tangible things” in connection with a national security investigation. It is sometimes referred to as the “business records” section because public discussion around it has centered on using it to obtain customer information like hotel or credit card records.

But in addition to that kind of collection, the senators contend that the government has also interpreted the provision, based on rulings by the secret national security court, as allowing some other kind of activity that allows the government to obtain private information about people who have no link to a terrorism or espionage case.

Justice Department officials have sought to play down such concerns, saying that both the court and the intelligence committees know about the program. But the two lawmakers contended in their letter that officials have been misleading in their descriptions of the issue to the public.

First, the senators noted that Justice Department officials, under both the Bush and Obama administrations, had described Section 215 orders as allowing the F.B.I. to obtain the same types of records for national security investigations that they could get using a grand jury subpoena for an ordinary criminal investigation. But the two senators said that analogy does not fit with the secret interpretation. Now let me go back to my analysis of the Patriot Act...again, with the Occupy Protests in mind:

The
Patriot Act was sold as an indispensable weapon in the government's arsenal to
fight and "win" the "War on Terror". We were assured that the sole purpose of
these unprecedented powers granted government were to locate and catch
terrorists - not raid the homes of pot dealers and wiretap peace activists.
Monitoring political groups and activities deemed "threatening" ( i.e.
environmentalists, peace activists ), expanding the already disastrous and
wasteful war on drugs, and eavesdropping on journalists isn't about fighting
terrorism, it's about stifling dissent and consolidating power - at the expense
of civil liberties.

How ironic that the very "tool" hailed as our
nation's protector has instead been used to violate the very Constitutional
protections we are allegedly defending from "attack" by outside threats. What
was promised as a "temporary", targeted law to keep us safe from terror has
morphed into a rewriting of the Bill of Rights.

John Whitehead explains:"The Patriot Act drove a stake through the heart of the Bill of Rights,
violating at least six of the ten original amendments-the First, Fourth, Fifth,
Sixth, Seventh and Eighth Amendments-and possibly the Thirteenth and Fourteenth
Amendments, as well. The Patriot Act also redefined terrorism so broadly that
many non-terrorist political activities such as protest marches, demonstrations
and civil disobedience were considered potential terrorist acts, thereby
rendering anyone desiring to engage in protected First Amendment expressive
activities as suspects of the surveillance state."

As I also asserted, the Bill of Rights is under siege, particularly the Fourth Amendment, writing, "Some important questions demand answers: Does increasingly intrusive and even unconstitutional anti-terrorism measures actually make us any safer (or less so)? If so, what is the price we are willing to pay for that additional security?

Since 9/11 an undeniable pattern has emerged, from illegal search and seizures to warrantless wiretapping to the GPS tracking of cell phones to airport body scanners to the redefinition of Habeas Corpus to the increasing use of rendition for the purposes of torturing prisoners yet to be charged with a crime to military tribunals replacing courts of law, among many others.

What were once considered unassailable civil liberties granted to ALL citizens are under siege. The consequences of such a loss would be profound. Without the fundamental reform of the Patriot Act I fear this loss will be a permanent, and the American experiment will forever be altered.

So let us hope that the desperately needed, and incredibly hopeful Occupy Wall Street protests, and protesters, are not the target of aggressive and unconstitutional Patriot Act abuses (we've already seen how law enforcement has overreached) - as in the past. Of course, "hoping" is no solution to the constitutional crises we face in this country - epitomized by the Patriot Act (and court rulings like Citizens United).

Just as the protesters are absolutely correct in their focus on wealth disparity, Wall Street corruption and criminality, and our transformation into something resembling an oligarchy more than a true democracy, we should also remember that since 9/11 the US Bill of Rights has been under assault, with the Patriot Act serving as the battering ram. So, while we must address economic justice issues so too must we demand reforms to, and even repeal of, the worst components of a law (the Patriot Act) that was in part DESIGNED to counter and stifle the very protests taking place across this country and world.

Thursday, October 13, 2011

It was a near legislative sweep for privacy advocates this
year as Governor Brown signed all but one of the key privacy bills that reached
his desk. These include:

SB 602 (Yee) will ensure that government and third parties
cannot access private reading records without proper justification. This is no
small victory being that digital books will store data that can include books
browsed, how long a page is viewed, and even the electronic notes written in
the margins. It's not hard to see
the detailed portrait of your life such information could paint.

AB 22 (Mendoza) will
prohibit a prospective employer from using consumer credit reports in the
hiring process unless it’s directly related to the job. This bill was one of
our top priorities this year for a number of reasons, including: credit reports
do not have predictive value in determining a worker’s ability to perform job
duties, while a bad credit report might unfairly influence a hiring employer’s
attitude toward a job applicant; a significant percentage of credit reports are
inaccurate, and correcting such information in a credit report is a tedious,
time consuming affair; and millions of peoples credit scores have been
decimated by a Great Recession that was no fault of their own, but in fact due
to the actions of some of the very interests that then arbitrarily determine
ones credit rating. For all of those reasons and more this legislation was a
victory for both privacy and economic justice.

SB 24 (Simitian) will
provide an important upgrade to California's landmark breach notification law. It spells out
which key details must be included in that notification letter, and would make
sure the Attorney General hears about the breach. SB 24 will help consumers
make sense of these notices, and help arm us to stop identity theft. Sony,
Citibank, and the Bay Area Rapid Transit District are recent examples of
businesses and government agencies whose customers’ records were stolen by
hackers.

And just a few weeks ago it was revealed that 300,000
Californians’ intimate medical records, along with their social security
numbers, were viewable for months to anyone with an internet connection, owing
to an insurance processing business’ failure to safeguard its electronic data
files. This massive medical records data breach leads us to another privacy
related legislative victory: SB 850 (Leno), which will expand the
Confidentiality of Medical Information Act to both written and electronic
health records.

Also of note, but not a high priority for CFC this year, was the
signing of SB 208 (Alquist), which will authorize restitution to an identity
theft victim for expenses to monitor a credit report and for the costs to
repair a credit rating, and SB 636 (Corbett), which will provide further
protection to individuals participating in the Safe at Home Program by
prohibiting their addresses and telephone numbers from being posted on the
Internet, and establishing crimes for publishing or failing to remove their
identifying information.

Currently police can seize and search an individual’s smart
phone or android without a warrant, just like a traditional cell phone. SB 914 would
have clarified that an arrestee’s cell phone can only be accessed with a
warrant, except in circumstances where there is an immediate threat to public
safety or the arresting officer. It acknowledges that accessing information on
a cell phone is fundamentally different than searching an arrested person’s
wallet, cigarette pack or jeans pockets.

Being that modern cell phones are becoming more like all
purpose computers, and therefore contain ALL KINDS of personal, private
information, the authorities should not be granted the right to that information
without a warrant.

Unfortunately, in 2007, California's Supreme Court ruled against such a distinction,
arguing, "The cell phone was an item (of personal property) on the person
at the time of his arrest and during the administrative processing at the
police station. Because the cell phone was immediately associated with
defendant’s person, (police were) entitled to inspect its contents without a
warrant."

But these justices went even further - comparing the cell phone to personal
effects like clothing. Worse, it argued that it wasn't
because the police had a particular right in this particular case, or there was
some special exception that allowed such a search, but rather, that no
exception was even necessary. In other words, this case was not an exception,
but rather the NEW rule: cell phone records are now of little difference than
the shirt on your back if you've
been arrested.

Dissenting Justice Kathryn Werdegar raised similar concerns
we have in her opinion: "The majority’s holding ... (grants) police carte
blanche, with no showing of exigency, to rummage at leisure through the wealth
of personal and business information that can be carried on a mobile phone or
handheld computer merely because the device was taken from an arrestee’s
person...The majority thus sanctions a highly intrusive and unjustified type of
search, one meeting neither the warrant requirement nor the reasonableness
requirement of the Fourth Amendment to the United States Constitution."

In response to the ruling, Jonathan Turley, a Constitutional law expert at George Washington
University, seconded
Justice’s fourth amendment related concerns, "The Court has left the
Fourth Amendment in tatters and this ruling is the natural extension of that
trend. While the Framers wanted to require warrants for searches and seizures,
the Court now allows the vast majority of searches and seizures to occur
without warrants. As a result, the California Supreme Court would allow police
to open cell phone files — the modern equivalent of letter and personal
messages.”

In light of increasing economic injustice and income
inequality, and the likewise growth in number and size in protests across the
country, granting authorities such powers should be viewed with great
skepticism and caution. As State Senator Mark Leno noted, "If you like to
attend political rallies, parades, protests or sit-ins, you might consider
leaving your cell phone at home in the unlikely event arrests are made. A
recent California Supreme Court decision allows police to rummage through all
of the private information on your smart phone as part of an arrest, including
your text messages and e-mails. This warrantless search is now legal in California, regardless
of whether the information on the phone is relevant to the arrest or if
criminal charges are ever filed.”

This fight isn’t over. Senator
Mark Leno has indicated he will bring this legislation back next year in
another effort to overturn the state Supreme Court’s ruling. Clearly, in this
case and many others like it in the age of the Patriot Act and the War on
Terror, Governor Brown was mistaken in his veto message when he said the courts are "better
suited" than legislators to decide when a search is legal. Perhaps in most cases this is true...but not when they are so clearly in conflict with something as fundamental to our basic rights as the Fourth Amendment. Let’s hope we
can change the Governors mind next year.

Thursday, October 6, 2011

Over a month agoI posted a pretty extensive blog on Facial Recognition technology and the
threat it poses to individual privacy. Because I know not everyone can read every post, I'll repeat a few of my thoughts here today before I get to an outstanding piece by Tana Ganeva of Alternet about the rapid spread of this technology - particularly in the workplace (which is especially disturbing).

The article I commented on here back on September 1st was also from Alternet entitled 5
Unexpected Places You Can Be Tracked With Facial Recognition Technology. As I wrote then, this issue has
particular interest to me due to California's recent fight, that we at the
Consumer Federation of California were deeply involved in, over biometric
identifiers being used by the DMV (our Executive Director is quoted in this article).

As for the larger concern over facial recognition technology, groups from the Privacy Rights Clearinghouse (PRC) to the ACLU to the Electronic Frontier Foundation to EPIC have all been very active in making the case that there is a very real threat to privacy at stake in determining just how, and when, this technology can be used.

So let me refresh everyone on the
concept of biometric identifiers - like fingerprints, facial, and/or iris
scans. These essentially match an individual’s personal characteristics
against an image or database of images. Initially, the system captures a
fingerprint, picture, or some other personal characteristic, and transforms it
into a small computer file (often called a template). The next time someone
interacts with the system, it creates another computer file.

There are a number of reasons why such technological identifiers should
concerns us. So let's be real clear, creating a database with millions of
facial scans and thumbprints raises a host of surveillance, tracking and
security question - never mind the cost. And as you might expect, such
identifiers are being utilized by entities ranging from Facebook to the FBI. In
fact, the ACLU of California is currently asking for information about law
enforcements’ use of information gathered from facial recognition technology
(as well as social networking sites, book providers, GPS tracking devices,
automatic license plate readers, public video surveillance cameras).

But for today’s sake, let’s hone in on the article by Tana Ganeva, because it adds another critical piece to this privacy eviscerating technological puzzle...a piece that happens to tie directly to the increasing shift in power from workers and people to corporations and "owners". We see this deterioration in worker rights and this widening gap between the wealth, influence, and rights of the rich and powerful versus the rest of us in the uprisings in Ohio and Wisconsin, to the Occupy Wall Street protests spreading across the country, to movements like the Take Back the American Dream.

FaceIN uses two cameras to map a worker's face, converting
the width of their cheekbones, depth of their eye sockets, nose shape, and
other unique facial features into an ID code. Every day after that, workers
punch in by standing in front of a machine that recognizes them after a
two-second face scan. Unlike the old-fashioned electronic password, FaceIN
promises to tightly monitor when workers come and go, permanently banishing
"buddy punching" from the workplace -- the time-honored practice of
covering for a co-worker who may be running a few minutes late.

...

Face-scanning time clocks were only introduced in the US in 2010, by
companies like Lathem and Compumatic Time Recorders Inc, which outdoes Lathem
by offering a time-clock that recognizes workers in the dark. But biometrics --
the science of determining identity through unique physiological features like
fingerprints or the pattern of veins -- have been creeping into the American
workplace for years. Fingerprint readers, retinal scans, and even machines that
use palm pressure to ascertain identity are in use in workplaces ranging from the
US Senate to hospitals to construction sites and restaurants.

As you can imagine, the applications vary depending on the
work. Namely, the higher up you go on the income ladder, the more likely it is
that biometrics are used to aid security or even protect privacy, like keeping
hospital records safe.

In low-wage jobs, advances in biometrics are starting to
manifest in products that monitor and control employee behavior; devices meant
to scare workers out leaving early to pick up the kids, running a few minutes
late, or giving friends or family the occasional discount.

...

KFC, Souplantation and Sweet Tomatoes join franchise owners
of Pizza Huts and Popeyes in publicizing their use of the technology. A Digital
Persona rep also says U.are.U is used in Long John Silvers and Wendy's
locations. Hooters' corporate management was so impressed after seeing U.are.U
in action at a few restaurants it has made it corporate policy to equip Hooters
across the land with the machines, the Digital Persona rep told AlterNet.

Other companies including a popular fast food chain, an omnipresent
pharmacy, and an upscale furniture store, are keeping quiet about their use of
U.are.U in some of their stores, AlterNet has learned. Their caution seems warranted. Biometrics is a staple of
sci-fi dystopias for a reason, and recent, more public debuts of the technology
have not gone well. Earlier this summer Facebook faced massive backlash after
expanding its face recognition tagging software. The German government even
threatened to
sue the site for violating German privacy laws, and the Connecticut
attorney general scolded Facebook for making the feature default rather than
letting users opt-in.

…

The American low-wage workplace is not exactly a paragon of
mutual trust and autonomy. There are, after all, managers to oversee employee
activity and in many fast food joints surveillance cameras effectively
communicate the point that workers can be watched at all times.

Nussbaum points out that most supervisors would probably notice
if half of their crew stopped showing up but kept getting paid. The far more
exacting measurement of employee arrivals and departures offered up by the
biometric clock appears designed to capture what a human manager might miss.

An American Payroll Association study cited in Digital
Persona promotional materials estimates that "time theft" accounts
for between 1.5 to 5 percent of payroll costs. But what about the longer-term
economic impact of worker burnout? Nussbaum has found that workers subjected to
increasing levels of surveillance can suffer physical and psychological
problems.

Of course, the emotional and physical health of their
lowest-paid workers has never been top corporate priority. It just doesn't have
to be, since essentially every big economic trend over the past 50 years has
screwed low-wage workers while ensuring employers have a large supply of
disposable labor.

Right now is a particularly nasty time to be a member of
America's working poor. Unemployment
rates among high-school graduates hover at around 10 percent -- in
comparison, 4.4 percent of college graduates are out of work. This is despite
the fact that what new jobs are being spit up by the anemic economy are
primarily low-wage, according to a February report by the National
Employment Law Project which found 49 percent of job growth over the year
took place in industries like retail.

…

Facebook has become the most public symbol of privacy
corrosion, so the site's use of face recognition technology sparked the most
outrage. But biometric technology is starting to appear in many realms. A few
weeks ago AlterNet compiled a list of unexpected places where face recognition
technology can be found besides Facebook. These included ads in Vegas and in
the marketing strategies of companies like Adidas and Kraft, as the Los
Angeles Times reported. There's about a 50/50 chance your DMV uses face
recognition to run photographs through a database, according to an estimate by
the EFF's Lee Tien. Police in departments around the country are being equipped
with MORIS, a mobile device that contains face recognition, iris scanning and
digital fingerprints.

One of the things that stands between abuses of the
technology is the visceral unease it engenders, which often leads to backlash
when it's too crudely imposed. Getting young people accustomed to being
fingerprinted just to go to work, though, can go a long way toward making the
technology seem more and more natural, so that it also seems perfectly normal
to give your fingerprint to the police when you don't have to, or be OK with a
corporation, or strangers on the street, knowing who you are from a snapshot of
your face.

As I have written here numerous times, more than any one technology and intrusive abuse of it, or the latest "war on terror" court ruling stripping us of yet another civil liberty, is a future in which privacy itself is but a distant, distorted memory. Where are we
left when the power of corporate or government interests to monitor everything
we do is absolute?

As I wrote, "Whether its the knowledge that everything we do on the internet is followed and
stored, that we can be wiretapped for no reason and without a warrant or
probable cause, that smart grid systems monitor our daily in home habits and
actions, that our emails can be intercepted, that our naked bodies must be
viewed at airports and stored, that our book purchases can be accessed (particularly
if Google gets its way and everything goes electronic), that street corner
cameras are watching our every move, and that RFID tags and GPS technology
allow for the tracking of clothes, cars, and phones (and the list goes
on)...what is certain is privacy itself is on life support in this
country...and without privacy there is no freedom. I also fear how such a
surveillance society stifles dissent and discourages grassroots
political/social activism that challenges government and corporate power...something
that we desperately need more of in this country, not less."

The fact that low income workers could now be subjected to constant facial recognition monitoring in the hopes of working them harder, longer, and under even more duress than they already are by an increasingly rich and powerful CEO class is in fact infuriating to me...and represents the clear path our country is on, and has been for over 30 years. And it is this path that is leading to the much needed movement, and protests, starting to take place around this country demanding MORE, not less, worker rights, economic justice, and yes, privacy.

Monday, October 3, 2011

A little less than two weeks ago I put together a major post on job seeker privacy, particularly when it comes to employers increasing use of intrusive background checks, most notably of your credit reports.

Rather than go into detail here again, let me just point you to the interview I did on the Rick Smith Show last week about legislation here in California, AB 22 (Mendoza), that would ban prospective employers from accessing your credit scores unless its directly related to the job your applying for. The Governor has until October 9th to decide.

Now to some great news...the Governor signed Senator Leland Yee's Reader Privacy Act (SB 602) on Sunday.
As I've noted in the past here, The privacy threats posed by the explosion of digital books, which will store data that can include books browsed, how long a page is viewed, and even the electronic notes written in the margins. It's not hard to see the detailed portrait this could paint of your life.

Thankfully, this concern will finally be addressed by SB 602 (Yee) - which now will provide important privacy protections for digital book readers.
Without such legislative protection, you can imagine how tempting this information could be to the government or other litigants, like those involved in divorce cases, custody battles, or insurance disputes.

In the case of digital books, we're not talking about just another library - librarians utilize a different standards for dealing with user information than does the online world. Many libraries routinely delete borrower information, and organizations such as the American Library Association have fought hard to preserve the privacy of their patrons in the face of laws such as the U.S. Patriot Act.

What the bill will do is update California's privacy protections in the digital age by preventing the disclosure of information about readers from booksellers without a warrant in a criminal case or a court order in a civil case. It also requires booksellers to report the number and type of requests they receive to track government demands for reader information. Without such protections, we're talking about a virtual one-stop shop for government and third party fishing expeditions into the personal details of our lives.

The bill, known as the Reader Privacy Act of 2011, will require government agencies to obtain a court order before they access customer records from book stores or online retailers. It will officially become law on January 1.

"California law was completely inadequate when it came to protecting one's privacy for book purchases, especially for online shopping and electronic books," said Calif. state Sen. Leland Yee, the bill's sponsor. "Individuals should be free to buy books without fear of government intrusion and witch hunts. If law enforcement has reason to suspect wrongdoing, they should obtain a court order for such information."

Sen. Yee pointed to the McCarthy hearings of the 1950s, where Americans were questioned about whether they had read Marx or Lenin. In the years since September 11, meanwhile, the FBI has sought information from more than 200 libraries, he said.
The bill was backed by the American Civil Liberties Union of California (ACLU) and the Electronic Frontier Foundation (EFF), as well as Google, TechNet, and the Consumer Federation of California.

"Reading choices reveal intimate facts about our lives, from our political and religious beliefs to our health concerns. Digital books and book services can paint an even more detailed picture—including books browsed but not read, particular pages viewed, how long spent on each page, and any electronic notes made by the reader," the EFF said in a statement.

"Without strong privacy protections like the ones in the Reader Privacy Act, reading records can be too easily targeted by government scrutiny as well as exposed in legal proceedings like divorce cases and custody battles. Legal protections must keep up with technological advances," said Valerie Small Navarro, Legislative Advocate with the ACLU of California.

PRIVACY REVOLT! tackles the issues at the intersection of civil liberties and technology, with news and commentary on government and corporate surveillance, identity theft, data brokers, tracking devices, and the security of consumers' financial, medical, and phone records.

Privacy Bill List

We provide tracking and analysis of the most important privacy bills moving through the California state legislature.